Posts Tagged ‘web’


>Facebook Loses Much Face In Secret Smear On Google
Facebook secretly hired a PR firm to plant negative stories about Google, says Dan Lyons in a jaw dropping story at the Daily Beast.

For the past few days, a mystery has been unfolding in Silicon Valley. Somebody, it seems, hired Burson-Marsteller, a top public-relations firm, to pitch anti-Google stories to newspapers, urging them to investigate claims that Google was invading people’s privacy. Burson even offered to help an influential blogger write a Google-bashing op-ed, which it promised it could place in outlets like The Washington Post, Politico, and The Huffington Post.
The plot backfired when the blogger turned down Burson’s offer and posted the emails that Burson had sent him. It got worse when USA Today broke a story accusing Burson of spreading a “whisper campaign” about Google “on behalf of an unnamed client.”

Not good.
The source emails are here.
I’ve been patient with Facebook over the years as they’ve had their privacy stumbles. They’re forging new ground, and it’s not an exaggeration to say they’re changing the world’s notions on what privacy is. Give them time. They’ll figure it out eventually.
But secretly paying a PR firm to pitch bloggers on stories going after Google, even offering to help write those stories and then get them published elsewhere, is not just offensive, dishonest and cowardly. It’s also really, really dumb. I have no idea how the Facebook PR team thought that they’d avoid being caught doing this.
First, it lets the tech world know that Facebook is scared enough of what Google’s up to to pull a stunt like this. Facebook isn’t supposed to be scared, ever, about anything. Supreme confidence in their destiny is the the way they should be acting.
Second, it shows a willingness by Facebook to engage in cowardly behavior in battle. It’s hard to trust them on other things when we know they’ll engage in these types of campaigns.
And third, some of these criticisms of Google are probably valid, but it doesn’t matter any more. The story from now on will only be about how Facebook went about trying to secretly smear Google, and got caught.
The truth is Google is probably engaging in some somewhat borderline behavior by scraping Facebook content, and are almost certainly violating Facebook’s terms and conditions. But many people argue, me included, that the key data, the social graph, really should belong to the users, not Facebook. And regardless, users probably don’t mind that this is happening at all. It’s just Facebook trying to protect something that it considers to be its property.
Next time Facebook should take a page from Google’s playbook when they want to trash a competitor. Catch them in the act and then go toe to toe with them, slugging it out in person. Right or wrong, no one called Google a coward when they duped Bing earlier this year.
You’ve lost much face today, Facebook.
Update: Sleazy PR Firm Throws Scummy Facebook Under The Sordid Bus


>

New Hacking Tools Pose Bigger Threats to Wi-Fi Users

 

February 16, 2011

You may think the only people capable of snooping on your Internet activity are government intelligence agents or possibly a talented teenage hacker holed up in his parents’ basement. But some simple software lets just about anyone sitting next to you at your local coffee shop watch you browse the Web and even assume your identity online.
“Like it or not, we are now living in a cyberpunk novel,” said Darren Kitchen, a systems administrator for an aerospace company in Richmond, Calif., and the host of Hak5, a video podcast about computer hacking and security. “When people find out how trivial and easy it is to see and even modify what you do online, they are shocked.”
Until recently, only determined and knowledgeable hackers with fancy tools and lots of time on their hands could spy while you used your laptop or smartphone at Wi-Fi hot spots. But a free program called Firesheep, released in October, has made it simple to see what other users of an unsecured Wi-Fi network are doing and then log on as them at the sites they visited.
Without issuing any warnings of the possible threat, Web site administrators have since been scrambling to provide added protections.
“I released Firesheep to show that a core and widespread issue in Web site security is being ignored,” said Eric Butler, a freelance software developer in Seattle who created the program. “It points out the lack of end-to-end encryption.”
What he means is that while the password you initially enter on Web sites like Facebook, Twitter, Flickr, Amazon, eBay and The New York Times is encrypted, the Web browser’s cookie, a bit of code that that identifies your computer, your settings on the site or other private information, is often not encrypted. Firesheep grabs that cookie, allowing nosy or malicious users to, in essence, be you on the site and have full access to your account.
More than a million people have downloaded the program in the last three months (including this reporter, who is not exactly a computer genius). And it is easy to use.
The only sites that are safe from snoopers are those that employ the cryptographic protocol transport layer security or its predecessor, secure sockets layer, throughout your session. PayPal and many banks do this, but a startling number of sites that people trust to safeguard their privacy do not. You know you are shielded from prying eyes if a little lock appears in the corner of your browser or the Web address starts with “https” rather than “http.”
“The usual reason Web sites give for not encrypting all communication is that it will slow down the site and would be a huge engineering expense,” said Chris Palmer, technology director at the Electronic Frontier Foundation, an electronic rights advocacy group based in San Francisco. “Yes, there are operational hurdles, but they are solvable.”
Indeed, Gmail made end-to-end encryption its default mode in January 2010. Facebook began to offer the same protection as an opt-in security feature last month, though it is so far available only to a small percentage of users and has limitations. For example, it doesn’t work with many third-party applications.
“It’s worth noting that Facebook took this step, but it’s too early to congratulate them,” said Mr. Butler, who is frustrated that “https” is not the site’s default setting. “Most people aren’t going to know about it or won’t think it’s important or won’t want to use it when they find out that it disables major applications.”
Joe Sullivan, chief security officer at Facebook, said the company was engaged in a “deliberative rollout process,” to access and address any unforeseen difficulties. “We hope to have it available for all users in the next several weeks,” he said, adding that the company was also working to address problems with third-party applications and to make “https” the default setting.
Many Web sites offer some support for encryption via “https,” but they make it difficult to use. To address these problems, the Electronic Frontier Foundation in collaboration with the Tor Project, another group concerned with Internet privacy, released in June an add-on to the browser Firefox, called Https Everywhere. The extension, which can be downloaded at eff.org/https-everywhere, makes “https” the stubbornly unchangeable default on all sites that support it.
Since not all Web sites have “https” capability, Bill Pennington, chief strategy officer with the Web site risk management firm WhiteHat Security in Santa Clara, Calif., said: “I tell people that if you’re doing things with sensitive data, don’t do it at a Wi-Fi hot spot. Do it at home.”
But home wireless networks may not be all that safe either, because of free and widely available Wi-Fi cracking programs like Gerix WiFi Cracker, Aircrack-ng and Wifite. The programs work by faking legitimate user activity to collect a series of so-called weak keys or clues to the password. The process is wholly automated, said Mr. Kitchen at Hak5, allowing even techno-ignoramuses to recover a wireless router’s password in a matter of seconds. “I’ve yet to find a WEP-protected network not susceptible to this kind of attack,” Mr. Kitchen said.
A WEP-encrypted password (for wired equivalent privacy) is not as strong as a WPA (or Wi-Fi protected access) password, so it’s best to use a WPA password instead. Even so, hackers can use the same free software programs to get on WPA password-protected networks as well. It just takes much longer (think weeks) and more computer expertise.
Using such programs along with high-powered Wi-Fi antennas that cost less than $90, hackers can pull in signals from home networks two to three miles away. There are also some computerized cracking devices with built-in antennas on the market, like WifiRobin ($156). But experts said they were not as fast or effective as the latest free cracking programs, because the devices worked only on WEP-protected networks.
To protect yourself, changing the Service Set Identifier or SSID of your wireless network from the default name of your router (like Linksys or Netgear) to something less predictable helps, as does choosing a lengthy and complicated alphanumeric password.
Setting up a virtual private network, or V.P.N., which encrypts all communications you transmit wirelessly whether on your home network or at a hot spot, is even more secure. The data looks like gibberish to a snooper as it travels from your computer to a secure server before it is blasted onto the Internet.
Popular V.P.N. providers include VyperVPN, HotSpotVPN and LogMeIn Hamachi. Some are free; others are as much as $18 a month, depending on how much data is encrypted. Free versions tend to encrypt only Web activity and not e-mail exchanges.
However, Mr. Palmer at the Electronic Frontier Foundation blames poorly designed Web sites, not vulnerable Wi-Fi connections, for security lapses. “Many popular sites were not designed for security from the beginning, and now we are suffering the consequences,” he said. “People need to demand ‘https’ so Web sites will do the painful integration work that needs to be done.”

New Hacking Tools Pose Bigger Threats to Wi-Fi Users – NYTimes.com: “

iStockphoto
By KATE MURPHY
Published: February 16, 2011

– Sent using Google Toolbar”

Share this|var addthis_config = { ui_cobrand: “The MasterBlog”}

________________________
The MasterBlog


>Top 10 Social Networks

  1. Facebook – 133,623,529 unique visits
  2. MySpace – 50,615,444 unique visits
  3. Twitter – 23,573,178 unique visits
  4. Linkedin – 15,475,890 unique visits
  5. Classmates – 14,613,381 unique visits
  6. MyLife – 8,736,352 unique visits
  7. Ning – 6,120,667 unique visits
  8. LiveJournal – 3,834,155 unique visits
  9. Tagged – 3,800,325 unique visits
  10. Last.fm – 3,473,978 unique visits

* — stats provided from About.com as of 08/12/10.
Top 10 Social Networks You Should Care About As a Web Developer
By Scott Clark
August 13, 2010

If you are a web developer, you may have brushed off social networking as a phenomenon that is dominated by teenagers and people seeking relationships. If you talk to non-developers, however, you may have realized that social networking is pervasive, and noticed that most smart businesses have embraced the phenomenon as a way to attract potential customers and interact with their current customers. In this article we’ll look at the top 10 social networking sites that you should be aware of as a developer who cares about your clients’ businesses.

Top 10 Social Networking Sites

To get started, let’s break down the top 10 social networking sites today. In order of unique visitors, here’s the list*:

  1. Facebook – 133,623,529 unique visits
  2. MySpace – 50,615,444 unique visits
  3. Twitter – 23,573,178 unique visits
  4. Linkedin – 15,475,890 unique visits
  5. Classmates – 14,613,381 unique visits
  6. MyLife – 8,736,352 unique visits
  7. Ning – 6,120,667 unique visits
  8. LiveJournal – 3,834,155 unique visits
  9. Tagged – 3,800,325 unique visits
  10. Last.fm – 3,473,978 unique visits

* — stats provided from About.com as of 08/12/10.
Over the last year, Facebook has doubled its monthly visitors, while MySpace has experienced a 13% decrease. Some of the change is due to MySpace users growing up and wanting to interact with business acquaintances, school friends and more, but overall, social networking is dramatically increasing worldwide. Small businesses, corporations and grandparents everywhere are becoming socially active online at an exponential rate. The time is now to get your business or website’s presence on the social networks so your customers can reach and communicate with your business and other customers.
Your business or website’s social networking presence should not be a copy of your website, nor should it appear like a brochure designed to sell something. It should provide a more personal look at your business, the people who are involved, and the social networking sites should be a place where, although still done in a professional manner, your company can let its hair down, so to speak. Interesting aspects of your business, positive communications with your customers, new aspects of the business that you are working on or considering are all topics to be considered for posting on your social networking sites.
Another thing to keep in mind is that all of the social networking sites have their own rules about soliciting, advertising and what can and cannot be posted on their sites. You must adhere to their rules, or you will be banned and your site will be blacklisted. Most social networking sites enable their members to interact with each other, and your business’ social networking sites are no different. You can expect to receive both positive and negative feedback. While the positive feedback is great, the negative feedback allows you to focus on those aspects of your site or business that needs improvement. Your reactions to that negative feedback will be seen by all of your other customers, whether they are current customers or potential customers, so keep it professional, and whatever you do, do not allow yourself to get into a flame war or argument.
On some social networking sites you can use an RSS feed to display your most recent articles or content from your regular website. This is a great way to keep folks informed about changes to your site, and keeps the content on your social site fresh and appealing.
Some social networking sites, such as Twitter and Facebook, provide web developers with access to many features of their site through the use of Application Programming Interfaces (APIs) or Software Developer’s Kits (SDKs). Developers can access bits of information from “friends” on their social networking site, and display that information on their regular website. Facebook’s now famous “Like” button is an example of the use of an API.
Here are a few social networking APIs and SDKs that you may find useful as you create or enhance your current website:

Top 10 Social Networks You Should Care About As a Web Developer – www.htmlgoodies.com

________________________





%d bloggers like this: